Gimmicky crap I just wasted 36 bucks for 3 shells that birdshot beats
@walshhaddock72553 дні тому
*Promosm*
@TheSenSeTime10 днів тому
Hey there awesome video! What is the terminal you are using??? Or theme I like those icons
@BrittKempМісяць тому
Britt Howell get it!
@tiernanmorganМісяць тому
if you know seed is datetime could you use this to reverse enginer a slot machine?
@designzonebeatsМісяць тому
Only partway through, but it was so crazy, I was just reading a post by RastMouse before I came here to learn more about using Sliver with C2 BOFs :)
@snakiesnakeМісяць тому
What is the terminal you are using??? Or theme I like those icons
@H088YHaX0RМісяць тому
Excellent video. Thanks for posting. Could you provide the HTB link for the double hop explanation as shown @52:11 into the video? I am subscribed Thanks.
@rogerjensen5277Місяць тому
What is the effective range of these rounds! A shotgun round that could hurt someone, as you sure?
@mlit83Місяць тому
People who knows antennas and how to make high gain directional antennas
@SajidQureshi__Місяць тому
great video but i have a question can't we just disable the EDR when we want to exexcute the agent and then reenable after our agent ran
@DarkDonnieMarco2 місяці тому
I just wanted to say thanks very much. Currently studying OSEP, which is an incredible course. I was trying to decide which framework to use for the extra mile exercise and you have definitely swung it for Sliver.
@xB-yg2iw2 місяці тому
Really interesting, thanks Ben!
@gianluca47492 місяці тому
is there any discord channel where we can interact with the development team?
@Bishopfox2 місяці тому
Absolutely! We'd love to have you over at discord.gg/redsec
@cvport81553 місяці тому
Please make More vd advanced techniques red team
@Bishopfox3 місяці тому
🏃♂️ On it!
@JeevaS-zd3yq4 місяці тому
i team i am jeeva from india one day i will join your team
@Bishopfox4 місяці тому
Look forward to it!
@Bishopfox4 місяці тому
Here's the corresponding blog post. Thanks for watching! bfx.social/418m7sh
@babanaber23095 місяців тому
Is about OSCP or OSEP? Bcs, we see "OSEP" in title but video content targeted OSCP. Am I wrong?
@Bishopfox5 місяців тому
From Jon: The content is for OSEP. OffSec has updated their OSCP content to include Active Directory attacks, but at a basic level. OSEP dives deeper into AD attacks and discusses AV evasion as well.
@babanaber23095 місяців тому
Thank you for information. Regards,@@Bishopfox
@patrickm35545 місяців тому
Great work! Btw it looks like CME was exporting the AS-REP user hash as AES-256 as the hash encryption type is tgs$18$ so you wouldn’t likely crack it. Kerbrute is requesting the hash as tgs$23$ which is the older RC4 encryption and much weaker/faster to crack.
@Bishopfox5 місяців тому
From Jon: That is interesting! Really appreciate your input here and thanks for sharing with me. When I was prepping for it, I did use CME but you’re right and I mentioned it - the hash didn't crack but I didn't dig into why. I moved along to a different tool. From an OPSEC standpoint, we wouldn't want to draw too much attention to our activities on a network so CME requests the hash as AES-256 which makes sense. From an exam standpoint and CTF/etc, kerbrute's Rc4 encryption is preferred.
@patrickdee73655 місяців тому
More more more. John has a fantastic talent at explaining things!
@Bishopfox5 місяців тому
Definitely more to come!
@CrazyMike14165 місяців тому
Very informative and awesome show, I will be watching and learning more on my quest on Ethical Hacking. Thank you so much Bishop Fox and Defcon!!!!
@Bishopfox5 місяців тому
Thank you! If you're not in it already, you may want to check out our Discord server - discord.com/invite/redsec. We also have a few trainings coming up before the year ends you might want to watch.
@nathanmay48185 місяців тому
This is awesome, ive got my exam scheduled and will be using sliver!
@Bishopfox5 місяців тому
Let us know what happens - and good luck!
@user-vd7jv6qt1l6 місяців тому
Please update your tool
@dgoncalo6 місяців тому
Amazing content, this is a blessing! Thank you so much!
@Bishopfox6 місяців тому
For the person who asked how to transition from pen testing into red teaming, Trevin had this to say: "Penetration testing as a background is one of the most natural paths towards red teaming that exists. Key in that evolution is being able to switch your approach and mindset from web-app only focus or network-only focus and towards "end result focus" and relaxing the restrictions on the "how" that is accomplished. After all, a wire transfer can be accomplished not just through a vulnerability in SWIFT, but also through elicitation of human beings, or even physical building compromises potentially. My suggestion for penetration testers wanting to move into Red Teaming would be to 1) focus on doing similar activities but doing them stealthily...finding ways to create payloads that will stay under the radar of common EDR products, and how to perform network scanning/enumeration in ways that are stealthy and will avoid detection. 2) seek to gain expertise in either social or physical red teaming, as a complement to their existing web or network based penetration testing skillset. Also, 3) understand the mindset and approach of blue team. What tooling do they typically use, how do they respond to key alerts. That is important in knowing how to pressure test those approaches." Hope this helps!
@trentfulbright84636 місяців тому
is there a way to use this without knowing the font or the size
@SthenC6 місяців тому
TomNomNom just seems like such a genuinely good human being. His was of thinking and describing things is just truly pleasant.
@Bishopfox6 місяців тому
He's the best.
@mikemcdonald51476 місяців тому
Kristin paget is actually a guy Chris Paget. Not sure how you mess that up LOL
@DavidKennedy-6 місяців тому
Just wanted to say this was excellent. Please more of this content.
@Bishopfox6 місяців тому
That's the plan! Are there any kind of trainings you are specifically seeking?
@DavidKennedy-6 місяців тому
@@Bishopfox That's great. To be honest John's stream was amazing but the Sliver stuff didn't start until 45mins in then finished just over an hour but I realise that's because it was due to the exam focus. I was glued to it from that moment on and learning about AV evasion, any character limits Sliver has and how to avoid the double hop with Rubeus was quality material. If he did an hour purely on moving around with Sliver so we can pick up tips and tricks it would be really fantastic.
@Bishopfox6 місяців тому
@@DavidKennedy- That's an interesting idea. Happy to pass it along, and thank you again for watching.
@mojed66666 місяців тому
I agree it would be nice to see more about working with sliver. I do like sliver a lot. I used it doing the CRTP from altered security and used it for the lab. It was fun.
@freem4nn1296 місяців тому
Thx for this ! this is exactly what i needed sir !
@djosearth36187 місяців тому
brilliant!! after just catching the end of the 3 guests chattting re: "kubernetes containers VS security of os particulars/hiring interview question: Uhave a lab? takeaway being atleast hgave one till youm (if erver) feel don't NEED one".Cann't wait to rewatch then catcvh w/e is streaming in th hour after that . foingerss crossed its not just 75 mins of UP NEXT as it is an archive of planned live streams during deRfcon ;]
@jgdkekrb7 місяців тому
This has been refreshing.
@vladrabactkit66437 місяців тому
how to buy
@c0d3ster7 місяців тому
really good conversation, thank you
@Bishopfox7 місяців тому
Thank you for tuning in!
@Korn16998 місяців тому
I didn’t even know that I had his book until I saw the reference on this video…lol. I got it a while back and saw him speak a few times at GrrCon (even got into a little argument with him at the 2021 GrrCon).
@MahiUddin-ck3om8 місяців тому
🥰
@molotov50008 місяців тому
i wish i could go to defcon
@zoenagy94588 місяців тому
very slow attack
@Corrupt666688 місяців тому
Wish I could be there
@Bishopfox8 місяців тому
You can watch!
@dinozorman8 місяців тому
Is this def con or a shitty podcast?
@Bishopfox8 місяців тому
Thank you all!
@emTr08 місяців тому
Awesome stream!
@alexwell53408 місяців тому
👍👍👍
@Bishopfox8 місяців тому
New stream: ukposts.info/have/v-deo/qHGlh4NpfHyKz6M.html
@Bishopfox8 місяців тому
Just a few more minutes :)
@Bishopfox8 місяців тому
Hi all! New stream coming ASAP
@ashupar849 місяців тому
Nice tool , thanks 👍
@Jon64299 місяців тому
Did something similar a few years ago running a job scraper hosted on X10's free tier that looped through Yahoo Pipes. The biggest problem was staying under their CPU/Usage limits to avoid instant account deletion.